VM self-service is good and bad. By self service, people can set up their own VMs. This can be bad. VMs have to be managed, backed up, secured and, when it comes to licensing, paid for (you don't want the software police on your case do ya?).

Self-service is good because a private cloud is supposed to be fluid, which means VMs have to create on an as-needed basis.

And good self-service tools make self-service good by putting controls on when, how and who can create these VMs.

Redmond columnist Greg Shields took a look at these issues, in particular how they are raised with the advent of Microsoft Virtual Machine Manager (VMM) 2012 and System Center App Controller. With these two tools, app managers and IT infrastructure folks can work together to deploy VMs and apps with discipline, and make that private cloud run smooth.

Self-service is a great idea, as long as IT is doing the self-servicing.

I have over 600 passwords and I only remember one of them. I use a password manager (visKeeper -- sort of like Splash Data, except older). The one password I remember is the one I use to open visKeeper and to log in to my computer. All the rest I look up from the database. I use a different unique random password for everything.

I selected visKeeper because it had desktop PC and Windows Mobile versions, and you could sync the database between the two. I could look up, create and edit passwords on my phone when I needed to. When Microsoft dropped Windows Mobile, SFR (the company behind visKeeper) didn't pursue other phones or the successor to Windows Mobile. It may be out of business now -- at least today its Web site doesn't respond. I've lived without the phone version for a couple of years now, sort of miss it, but it hasn't messed me up very much to not have access to my passwords.

One of these days I'll get around to writing a program to convert the visKeeper data to something else, probably Splash Data which has good support for different phones.The incident which pushed me to this extreme happened a few years ago. I had a login issue with a financial services Web site. I was only using my main password in a dozen or so places that I commonly visited, including this one. When the system administrator who was helping me said 'Can I verify that your password is ….?,' I was shocked. I considered that a compromise of every use of that password. It's also a terrible idea for systems to be designed so that anyone, regardless of privileges, can access your literal password. But you know systems designed like that are out there, so I decided I wouldn't use my master password anywhere else than on my computer, and I would use long random passwords everywhere else.
-Rick

LastPass.

It's my solution on my PCs, work, home and all my mobile devices (available for the $1 per month subscription).

I create one master password for LastPass, and then it will generate pseudo-random passwords for all my Web sites, none the same. It also will import the passwords you already have on your system, secure them, and has quite a few other tools to help you change those passwords to make them secure. Even Wi-Fi keys and other secure data can be stored in LastPass.

I probably sound like an advertisement for the software, but I love it that much. It's my desert island app.-Kevin

Shhh, I write them down on a sticky note under the keyboard ;) Just kidding, of course. I use Password Safe.-Anonymous

Share your thoughts with the editors of this newsletter! Write to dbarney@redmondmag.com. Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Symantec found a bold way to show just how well it can recover data. It bought a server rack weighing a quarter ton, loaded the thing up with Red Hat Linux and Solaris, and built an Oracle database. A second server was built as backup.

The working server was hauled to the top of an 18-story building and, like Kramer's oil bladder, unceremoniously dropped over the side

Despite the trauma, the first server smoothly failed over to the second -- a better outcome than the Kramer bladder, which landed on Jerry's girlfriend.

Microsoft yesterday unveiled the prices it will charge for its Surface Pro tablet. This is the version of Surface meant for real computing as it runs on Windows 8 Pro, includes an Intel processor and can run the library of Windows 7 and other compatible apps. The surface you can buy today is based on ARM and really expects a whole new library of native software.

So what's this Surface Pro gonna run me? From $900 to a grand, for starters. A thousand bucks will get you a model with 128 GB of storage. With so many cloud storage offerings, hopefully that will be plenty of room.

Have you ponied up for an ARM surface? Any thoughts on these machines? Share at dbarney@redmondmag.com.

Microsoft certifications have always been the source of some controversy. When these things were all the rage, a cert in your pocket was the ticket to a hot job, or perhaps a promotion in the current one. Some folks collected them like stamps. A whole industry popped up.

Certs are still around and there is still clear value in them. But just how much exact value is the question.

I'm not sure if Microsoft reads the papers but there are a ton of alternatives for each and every thing Microsoft produces. That's why in nearly all of these markets competitors are gaining.

Microsoft justifies the CAL increase because end users tend to run Redmond's software on an increasing number of devices. So if you double the number of devices but only increase the price 15 percent, you're getting a bargain, right? I reckon -- only if you are, in fact, using the software on more and more devices. If not, you are getting whacked with a pretty steep price hike.

User CALs, which offer multiple device use, can be a bargain compared to buying licenses for all your machines. Deciding between these User CALs and Device CALs (which are limited to the device) is complex.

My advice? Take a close look at usage patterns, get your accountant involved and strike the best deal.

Handling passwords used to be simple. In the early days we had one, and the guy in the glass room knew what it was if we forgot. Now how many do you have? And in how many forms do they come? Some for low-security Web sites are simple. Other times low-security Web sites want complex passwords. Even worse, all the easy user names are taken so it's the user name not the password that is inordinately difficult. It ends up that all these things are different.

Then you end up having to change these passwords, making tracking all the more tricky. Ways to keep it all together are a disaster: pieces of paper, unencrypted files on thumb drives -- that sort of thing.

LastPass is a tool that can encrypt this stuff, and let you put it in that thumb drive or keep it on the 'Net.

Our Redmond review found it worked pretty well, but a Web reader of the review pointed out that there was a security problem last year. The good thing is the company CEO came clean and it looks like the problem was long ago resolved.

How do you handle your passwords? Give us all advice we can use at dbarney@redmondmag.com.

When folks with connections to Microsoft talk about using the Mac it is usually a knock against Windows. Redmond columnist Don Jones just did the opposite in his piece "Why I use a Mac."

Dig this: Don uses a Mac because he likes Windows too much! Within the discipline of having to USE the Mac, Don would spend all of his time PLAYING with Windows.

Jones has none of those feelings for the Mac. It is a tool, and that's it.

In fact, the Mac Don takes with him on the road is the best of both words, with plenty of Windows firepower resting comfortably in a nest of virtual machines.

There are two other reasons: For one, Don needs to know the Mac so he can answer questions intelligently. And what if, God forbid, Windows collapses and the Mac takes over? In that insanely unlikely scenario, Jones could still pay the rent.

Windows 8 is as big of a question mark as predicting next year's Superbowl winner. I've gotten feedback from close to 100 Redmond Report readers and the reviews are decidedly mixed. It's like that biker with love and hate tattooed across both sets of knuckles. Michael Miller, whom I worked with when he was editor-in-chief of InfoWorld, found much the same thing.

A survey by Forrester also backs both our anecdotal findings.

Past Windows upgrades, with the exception of Vista, were no brainers -- the only question was how long it would take.

Windows 8 is different because, well Windows 8 is very different and very disruptive. And that gives business great pause, making the adoption slow, Forrester believes.

Redmond columnist Don Jones is a big fan of Windows Server 2012. The only problem (and it's a problem for Microsoft, not Don) is that the OS is not terribly exciting. And it's not terribly new or flashy. It doesn't have a fundamentally new user interface that looked like an over-inflated smartphone.

Server 2012 is boring because what it does it kind of boring. And it just works, just like its predecessor, Jones argues. Not exactly marketing gold.

But there's a lot to the new server OS.

The thing it seems Jones loves best about Server 2012 is you can manage it almost entirely from PowerShell. And for a PowerShell fan/guru like Don, that is indeed great news.

Another cool thing? It's easier to manage servers remotely, he argues. And in these days where workers could be anywhere, that's a pretty big deal.

In the very early days of computing most of us stuck with just one password to remember. Now I have a couple dozen. That's because each site or service seems to require a different level of password. And when passwords expire you have to come up with a new one.

Forgetting a password is a fear that ranks right up with spiders, public speaking and meeting future in-laws. That's why so many choose such weak passwords -- weak passwords are easy to remember.

As expected, "password" is the worst followed by the near twins "123456" and "12345678." What I didn't expect to see on the list is monkey, dragon and Ashley.

SplashData has the usual advice: to make the passwords complex and perhaps use a phrase so it's complex but easy to remember.

Redmond Report readers have their own advice:

"I suggest to our people is to use a sentence like mydogFid0,has4coldnose," wrote Ed from Maryland. "Easy to remember and could easily be modified to relate to the system or Web site on which it is used. The problem I run into is limitations on password length. Only 8 characters for the bank? Give me a break!"

Then John from Pennsylvania chimed in: "I have at least 10 passwords to maintain at work and each one has different rules and limitations on their creation. You better bet that I've figured out how to reuse the same one with minor mods for over a year before I need to make a major change."

How do remember all your passwords? Best advice can be sent to dbarney@redmondmag.com.

My take is that the iPad, while built like a computer (OS, memory, display, input, apps), is no PC. Having bought one only reinforced that take -- it's superb for what it does and is one heckuva oversized camera, but I can't get any real work done with the thing. It's a fine e-mail machine for traveling, but so is a BlackBerry.

McCracken does real work on his and the former editor-in-chief of PC World claims it is his "favorite computer."

To Harry the iPad is a PC replacement. The key, and this is a big key, is having an accessory keyboard. The touch pad is the main stumbling block to real use. In fact, Harry has me intrigued enough to consider buying one. But then I'll have buy some productivity software, figure out where to store my files that is as good as my PC hard drive and divine some way to print. Seems like a lot of effort and expense to duplicate what I already have.

Do you use the iPad for real work? How does a real keyboard change things? What do you use for software and how the heck do you print?